Malware

Bulz.216140 (B) (file analysis)

Malware Removal

The Bulz.216140 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Bulz.216140 (B) virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine Bulz.216140 (B)?



File Info:

name: 73F07EAFB8477605D5E4.mlw
path: /opt/CAPEv2/storage/binaries/da3176c30b37befe7363c8786a4e43b1b5c96dee4c180ea4ad29daa5c27d36f9
crc32: C42377C5
md5: 73f07eafb8477605d5e46fd93d6cd505
sha1: b439e954c5847b56672972c0fe8790494dcc43b1
sha256: da3176c30b37befe7363c8786a4e43b1b5c96dee4c180ea4ad29daa5c27d36f9
sha512: 2c8b59346570f23dedf5739792e9fed80eb5ec3f8cdee1a624f2954c9413357db93b040ddbad547b0b4ede126b264327f82cdf02f79dca5dfb33081ded3f2330
ssdeep: 96:PRiW1LBonC5GBVLLmIokRUFt4TBpxzNt:JiKlMRUFK/T
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T196C1B41197E98337EAB747329EB3824147B4FA618E17CB5D28C4622F6C267404933BB1
sha3_384: 3f8ad4ed7a579de3a87ce0f0cdd23794528058607bfbeed5c27513a7ac0dabdeff727794bed62b8112874d2e947f21d4
ep_bytes: ff250020400000000000000000000000
timestamp: 2068-07-12 02:27:17


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: PWixel.art
FileVersion: 1.0.0.0
InternalName: Stealer.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: 
OriginalFilename: Stealer.exe
ProductName: PWixel.art
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Bulz.216140 (B) also known as:

BkavW32.AIDetectNet.01
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Bulz.216140
FireEyeGen:Variant.Bulz.216140
ALYacGen:Variant.Bulz.216140
CrowdStrikewin/malicious_confidence_70% (W)
K7GWPassword-Stealer ( 0057dc991 )
K7AntiVirusPassword-Stealer ( 0057dc991 )
ESET-NOD32a variant of MSIL/PSW.Agent.SLA
KasperskyHEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefenderGen:Variant.Bulz.216140
AvastWin32:PWSX-gen [Trj]
Ad-AwareGen:Variant.Bulz.216140
McAfee-GW-EditionArtemis!Trojan
EmsisoftGen:Variant.Bulz.216140 (B)
APEXMalicious
GDataGen:Variant.Bulz.216140
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win.PWS.C4887619
McAfeeArtemis!73F07EAFB847
MAXmalware (ai score=84)
MalwarebytesSpyware.PasswordStealer.MSIL
RisingTrojan.Generic/MSIL@AI.100 (RDM.MSIL:FQ4trF6IR5gfddXxbdPrXg)
MaxSecureTrojan.Malware.300983.susgen
AVGWin32:PWSX-gen [Trj]

How to remove Bulz.216140 (B)?

Bulz.216140 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment